'Attack graphs' predict computer security

PORTLAND, Ore.  "Attack graphs" help predict the risk that hackers can crack a computer system's security, plus identify its most vulnerable resources, according to the National Institute of Standards and Technology (NIST).

By analyzing and assigning probabilities to every path a hacker could use to penetrate a computer system, NIST hopes attack graphs will help IT managers identify weak points that need to be patched to safeguard valuable data.

Attack graphs, developed by NIST jointly with George Mason University, calculate the vulnerability of each path into a computer system using NIST's National Vulnerability Database (NVD). By assigning a probable risk to various computer network pathways, the researchers hope to secure computer systems from multistep attacks.

Each step in an attack is graphed with an assigned probability, depending on its security level. For instance, its firewall, router and various servers are each assigned a probability of being hacked, based on information in the NVD.

The most likely avenue of penetration is deduced by combining the probabilities of each step in an attack. Using "Attack Graph Analysis," for which there is a patent pending, the researchers combine the probability of each step in an attack, using NIST's National Vulnerability Database, as the hacker progressively breaks down security in a system. The most likely routes of attack are those with the highest overall probability of success.

Next the researches plan to expand their analysis to include multiprong attacks on large-scale enterprise networks.